package com.itheima.config;

/*import com.itheima.controller.backend.security.CustomUserDetailsService;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import lombok.RequiredArgsConstructor;*/

/**
 * Security配置类
 */
/*@Configuration
@RequiredArgsConstructor
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    *//**
     * HTTP安全规则配置，处理请求，自定义授权规则
     * @param http
     * @throws Exception
     **//*
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()// 开启表单认证
                .loginPage("/backend/login.html")// 自定义登录页面
                .loginProcessingUrl("/login")// 登录处理Url
                .usernameParameter("username").passwordParameter("password")// 修改自定义表单name值.
                .defaultSuccessUrl("/backend/pages/main.html")// 登录成功后跳转路径
                .and()
                .authorizeRequests()
                .antMatchers("/backend/login.html").permitAll()
                .anyRequest().authenticated(); //所有请求都需要登录认证才能访问;
        // 关闭csrf防护
        http.csrf().disable();
        // 允许iframe加载页面
        http.headers().frameOptions().sameOrigin();
    }

    *//**
     * 忽略静态资源
     * @param web
     * @throws Exception
     **//*
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/backend/css/**", "/backend/img/**",
                "/backend/js/**", "/backend/plugins/**", "/favicon.ico");
    }

    //自定义数据库模型
    private final CustomUserDetailsService userDetailsService;
    @Bean
    protected PasswordEncoder myPasswordEncoder(){
        return new BCryptPasswordEncoder();
    }

    *//**
     * 认证管理器，自定义认证
     * @param auth
     * @throws Exception
     **//*
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(myPasswordEncoder());
    }
}*/
